Allcontent - Security Managementhttps://supportforums.cisco.com/feeds/allcontent/5521
jaManagement https://supportforums.cisco.com/discussion/12572046/management
What is the difference between&nbsp;Cisco Prime Security Manager and&nbsp;Cisco FireSIGHT Management? and when to use&nbsp;Cisco Prime Security Manager &nbsp;and&nbsp;FireSIGHT Management?Sun, 02 Aug 2015 06:55:17 +0000peteryouhannafawzy12572046 at https://supportforums.cisco.comDHCP SNOOPING ON TRUNK PORTShttps://supportforums.cisco.com/discussion/12572081/dhcp-snooping-trunk-ports
Hi,&nbsp;I have two cisco 2960 switches in my lab, VLAN 20 is configured&nbsp;&nbsp;SW1-SW2 --- port 24 &nbsp;trunk&nbsp;&nbsp;SW1 port 13 is DHCP Server portSW1 port 1 CLIENT 1 is connectedSW1 DHCP SNOOPING CONFIGURATION,ip dhcp snooping&nbsp;ip dhcp snooping vlan 20interface fa 0/13 &nbsp;--- DHCP SERVER connected portip dhcp snooping trust&nbsp;SW2-SW1 &nbsp;-- port 24 trunkSW2 port 14 is where CLIENT 2 is connectedSW2 DHCP Snooping Configurationip dhcp snooping&nbsp;ip dhcp snooping vlan 20interface fa 0/24 --- trunk port - 2-Sw1ip dhcp snooping trustdisable option 82no ip dhcp snooping inSun, 02 Aug 2015 08:07:20 +0000Ahmady_Quraish12572081 at https://supportforums.cisco.comSSL termination and inspection discussion using cisco technologyhttps://supportforums.cisco.com/discussion/12571176/ssl-termination-and-inspection-discussion-using-cisco-technology
&nbsp;I want to know what options exists in cisco platforms for following scenario&nbsp;&nbsp;&quot;We are looking to update the infra which currently houses a linux box working as reverse proxy and mod sec which does application layer inspection.&nbsp; The box later re-encrypts traffic when it leaving the box to be sent to actual targeted server. So, this one box is configured to perform termination and inspection of traffic both.The new hardware , we are looking for must have an option which is equivalent in purpose (termination and inspection) but improved itself in terms of sec high end peFri, 31 Jul 2015 08:27:05 +0000asad_ali_66612571176 at https://supportforums.cisco.comTelnet and SSH issue on Cisco 3750.https://supportforums.cisco.com/discussion/12565086/telnet-and-ssh-issue-cisco-3750
I enable on Cisco 3750 and all of sudden I was &nbsp;not able to login into the box. I even changed the source interface and update the transport input method under the VTY lines, no luck.&nbsp;Then I choose to disable SSH by removing the pertaining configs lines and the RSA keys. And I changed the transport input back to Telnet. After rebooting the switch I am still not able to log in&nbsp;&nbsp;despite the fact that the box is reachable.&nbsp;Any help ?&nbsp;Thanks,Jean-Marie&nbsp;Fri, 24 Jul 2015 00:17:42 +0000jeanmariengokgwem12565086 at https://supportforums.cisco.comCSM 4.8- how to retrive confighttps://supportforums.cisco.com/discussion/12566996/csm-48-how-retrive-config
Hi all,&nbsp;does anyone know how to crate a list of all firewalls with their interfaces and the IP addresses?Example:Firewall XXXX Inetrface XXXX 1 IP XXX&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; interface YYYYY 2 IP YYYYFirewall AAAA interface AAAA IP AAAAA&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; interface BBBB IP BBBBBetc, etc...any ideas?thanks a lotLanceMon, 27 Jul 2015 10:11:48 +0000lancewendel12566996 at https://supportforums.cisco.comCSM 4.8 - Error loading page: NAT - Address Poolshttps://supportforums.cisco.com/discussion/12536516/csm-48-error-loading-page-nat-address-pools
HalloDoes anybody know how this bug was fixed ?https://tools.cisco.com/bugsearch/bug/CSCut55025&nbsp;sincerleyThu, 18 Jun 2015 07:26:50 +0000a0154backup12536516 at https://supportforums.cisco.comneed a CSV file ot txt --> with interface name , ip address and hostname - how to get ?https://supportforums.cisco.com/discussion/12566876/need-csv-file-ot-txt-interface-name-ip-address-and-hostname-how-get
Hallo&nbsp;the Goal is a list like :Firewall Name1&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Interface name1&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;ip-address1&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Interface Name 2&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ip-address2&nbsp;Firewall Name2&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Interface name1&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;ip-address1&nbsp;&nbsp;&nbsp;&nbsMon, 27 Jul 2015 06:33:37 +0000a0154backup12566876 at https://supportforums.cisco.comCSM 4.7 possible bug??https://supportforums.cisco.com/discussion/12442816/csm-47-possible-bug
Dear All,I am having this issue on a new/clean installation of CSM 4.7 without any firewalls managed (originally installed 4.3 then upgraded to 4.5 and 4.7).The issue was not there with CSM4.1 (Common services 3.3.0)&nbsp;The CMFOGSServer.log file is growing quickly and is filled with these messages, although CSm is not used (no firewall is managed yet).The below message appear every minute:[ Wed Mar 04&nbsp; 9:20:07 UTC 2015 ]FATAL&nbsp; com.cisco.nm.dcr.asa.TopoChangePoller createConnection&nbsp; Could not establish DB connectivity com.cisco.nm.cmf.dbservice2.DBException: Invalid database prWed, 04 Mar 2015 09:53:56 +0000kevinbergamo12442816 at https://supportforums.cisco.comARP inspectionhttps://supportforums.cisco.com/discussion/12566261/arp-inspection
Hi All,&nbsp;Please advise on the below.Say the topology is as below&nbsp;host1----Switch1----Trunk-----Switch2----host2&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;|&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;DHCP Server&nbsp;I have trusted the DHCP server port for DHCP snooping and also for arp inspection and the trunk links connected to DHCP server as it is&nbsp;not directly connected.Host 1 ip 10.1.1.1 mac 0001Host 2 ip 10.1.1.2 mac 0002Say I have enabled DHCP shooping and arp inspection.In snooping&nbsp;database of Switch 1 , I have the entries for Host 1 and Host2.QuSat, 25 Jul 2015 10:01:08 +0000rakeshvelagala12566261 at https://supportforums.cisco.comSending different severity syslogs to different hostshttps://supportforums.cisco.com/discussion/12565466/sending-different-severity-syslogs-different-hosts
Hi,can the ASA send different severity syslogs to different syslog servers?I see the introduction of custom logging lists... but you can only specify a single logging list to be used for traps... rather than associating a logging list to a specific logging host.Can this be done?ThanksMarioFri, 24 Jul 2015 11:26:17 +0000marioderosa200812565466 at https://supportforums.cisco.com